On Wed, Aug 09, 2006 at 08:34:28PM +0200, Scott Cotton wrote: > Hi all, > > I've come across something which seem like a possible issue w.r.t. xml > processing > for xmpp implementations. > > The first is that rfc1390, sec 11.1 (restrictions on xml) states that > > 1) With regard to XML generation, an XMPP implementation MUST NOT inject > into an XML stream any of the following > [ dtds and stuff] > > 2) With regard to XML processing, if an XMPP implementation receives such > restricted XML data, it MUST ignore the data > > My question is what happens when a server receives xml with craziness like > embedded dtds but, having > ignored such restricted data, it decides it must pass the message on to > another server. How can a server fullfill both > 1 and 2 above? What is generally done in these cases? > I understand it this way: the resending of message consists of reading it and then sending it. While reading it, I meet the dtd, but I ignore it, like it was not there. I do not even read it. Therefore, as I ignored it, I will not send it, as it was not there.
-- Security warning: Do not expose this email to direct sunlight. It may lead to undefined behaviour, including possible data or life loses. Michal "vorner" Vaner
pgpwlZVgECLoL.pgp
Description: PGP signature
